Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include ('../config/koneksi.php');
- $user = $_POST['username'];
- $pass = MD5($_POST['password']);
- //------ANTI XSS & SQL INJECTION-------//
- $login=mysqli_query($konek, "select * from admin where username='$user' and password='$pass' and blokir='N'");
- $r=mysqli_fetch_array($login);
- $ketemu = mysqli_num_rows($login);
- if ($ketemu > 0)
- {
- session_start();
- $_SESSION['username']=$r['username'];
- $_SESSION['password']=$r['password'];
- echo "<script>alert('Login berhasil, silahkan masuk.');
- window.location = 'media.php?page=dashboard'</script>";
- }
- else
- {
- echo "<script>alert('Maaf! Login gagal. Anda tidak berhak mengakses halaman administrator.');
- window.location = 'index.php?page=auth'</script>";
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement